New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

Checkpoint 156-215.81 Check Point Certified Security Administrator R81.20 Exam Practice Test

Page: 1 / 40
Total 400 questions

Check Point Certified Security Administrator R81.20 Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$37.5  $124.99

PDF Study Guide

  • Product Type: PDF Study Guide
$33  $109.99
Question 1

Fill in the blank: It is Best Practice to have a _____ rule at the end of each policy layer.

Options:

A.

Explicit Drop

B.

Implied Drop

C.

Explicit Cleanup

D.

Implicit Drop

Question 2

Which of the following is NOT a tracking log option in R80.x?

Options:

A.

Log

B.

Full Log

C.

Detailed Log

D.

Extended Log

Question 3

When an encrypted packet is decrypted, where does this happen?

Options:

A.

Security policy

B.

Inbound chain

C.

Outbound chain

D.

Decryption is not supported

Question 4

Is it possible to have more than one administrator connected to a Security Management Server at once?

Options:

A.

Yes, but only if all connected administrators connect with read-only permissions.

B.

Yes, but objects edited by one administrator will be locked for editing by others until the session is published.

C.

No, only one administrator at a time can connect to a Security Management Server

D.

Yes, but only one of those administrators will have write-permissions. All others will have read-only permission.

Question 5

Fill in the blank: Service blades must be attached to a ______________.

Options:

A.

Security Gateway

B.

Management container

C.

Management server

D.

Security Gateway container

Question 6

When connected to the Check Point R80 Management Server using the SmartConsole the first administrator to connect has a lock on:

Options:

A.

Only the objects being modified in the Management Database and other administrators can connect to make changes using a special session as long as they all connect from the same LAN network.

B.

The entire Management Database and other administrators can connect to make changes only if the first administrator switches to Read-only.

C.

The entire Management Database and all sessions and other administrators can connect only as Read-only.

D.

Only the objects being modified in his session of the Management Database and other administrators can connect to make changes using different sessions.

Question 7

Which of the following technologies extracts detailed information from packets and stores that information in state tables?

Options:

A.

INSPECT Engine

B.

Next-Generation Firewall

C.

Packet Filtering

D.

Application Layer Firewall

Question 8

Fill in the blank: Permanent VPN tunnels can be set on all tunnels in the community, on all tunnels for specific gateways, or__________.

Options:

A.

On all satellite gateway to satellite gateway tunnels

B.

On specific tunnels for specific gateways

C.

On specific tunnels in the community

D.

On specific satellite gateway to central gateway tunnels

Question 9

What is NOT an advantage of Packet Filtering?

Options:

A.

Application Independence

B.

High Performance

C.

Scalability

D.

Low Security and No Screening above Network Layer

Question 10

How many users can have read/write access in Gaia Operating System at one time?

Options:

A.

One

B.

Three

C.

Two

D.

Infinite

Question 11

A Check Point Software license consists of two components, the Software Blade and the Software Container. There are ______ types of Software Containers: ________.

Options:

A.

Two; Security Management and Endpoint Security

B.

Two; Endpoint Security and Security Gateway

C.

Three; Security Management, Security Gateway, and Endpoint Security

D.

Three; Security Gateway, Endpoint Security, and Gateway Management

Question 12

Which Check Point software blade provides Application Security and identity control?

Options:

A.

Identity Awareness

B.

Data Loss Prevention

C.

URL Filtering

D.

Application Control

Question 13

What are the three components for Check Point Capsule?

Options:

A.

Capsule Docs, Capsule Cloud, Capsule Connect

B.

Capsule Workspace, Capsule Cloud, Capsule Connect

C.

Capsule Workspace, Capsule Docs, Capsule Connect

D.

Capsule Workspace, Capsule Docs, Capsule Cloud

Question 14

Which back up method uses the command line to create an image of the OS?

Options:

A.

System backup

B.

Save Configuration

C.

Migrate

D.

snapshot

Question 15

After trust has been established between the Check Point components, what is TRUE about name and IP-address changes?

Options:

A.

Security Gateway IP-address cannot be changed without re-establishing the trust

B.

The Security Gateway name cannot be changed in command line without re-establishing trust

C.

The Security Management Server name cannot be changed in SmartConsole without re-establishing trust

D.

The Security Management Server IP-address cannot be changed without re-establishing the trust

Question 16

Fill in the blank: An Endpoint identity agent uses a ___________ for user authentication.

Options:

A.

Shared secret

B.

Token

C.

Username/password or Kerberos Ticket

D.

Certificate

Question 17

Security Zones do no work with what type of defined rule?

Options:

A.

Application Control rule

B.

Manual NAT rule

C.

IPS bypass rule

D.

Firewall rule

Question 18

When installing a dedicated R80 SmartEvent server, what is the recommended size of the root partition?

Options:

A.

Any size

B.

Less than 20GB

C.

More than 10GB and less than 20 GB

D.

At least 20GB

Question 19

Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?

Options:

A.

All Connections (Clear or Encrypted)

B.

Accept all encrypted traffic

C.

Specific VPN Communities

D.

All Site-to-Site VPN Communities

Question 20

The Online Activation method is available for Check Point manufactured appliances. How does the administrator use the Online Activation method?

Options:

A.

The SmartLicensing GUI tool must be launched from the SmartConsole for the Online Activation tool to start automatically.

B.

No action is required if the firewall has internet access and a DNS server to resolve domain names.

C.

Using the Gaia First Time Configuration Wizard, the appliance connects to the Check Point User Center and downloads all necessary licenses and contracts.

D.

The cpinfo command must be run on the firewall with the switch -online-license-activation.

Question 21

Fill in the blank: Authentication rules are defined for ____________.

Options:

A.

User groups

B.

Users using UserCheck

C.

Individual users

D.

All users in the database

Question 22

Which option would allow you to make a backup copy of the OS and Check Point configuration, without stopping Check Point processes?

Options:

A.

All options stop Check Point processes

B.

backup

C.

migrate export

D.

snapshot

Question 23

In order to modify Security Policies, the administrator can use which of the following tools? (Choose the best answer.)

Options:

A.

SmartConsole and WebUI on the Security Management Server.

B.

SmartConsole or mgmt_cli (API) on any computer where SmartConsole is installed.

C.

Command line of the Security Management Server or mgmt_cli.exe on any Windows computer.

D.

mgmt_cli (API) or WebUI on Security Gateway and SmartConsole on the Security Management Server.

Question 24

You want to store the GAiA configuration in a file for later reference. What command should you use?

Options:

A.

write mem

B.

show config -f

C.

save config -o

D.

save configuration

Question 25

Core Protections are installed as part of what Policy?

Options:

A.

Access Control Policy.

B.

Desktop Firewall Policy

C.

Mobile Access Policy.

D.

Threat Prevention Policy.

Question 26

When using Automatic Hide NAT, what is enabled by default?

Options:

A.

Source Port Address Translation (PAT)

B.

Static NAT

C.

Static Route

D.

HTTPS Inspection

Question 27

What are the two types of NAT supported by the Security Gateway?

Options:

A.

Destination and Hide

B.

Hide and Static

C.

Static and Source

D.

Source and Destination

Question 28

An administrator can use section titles to more easily navigate between large rule bases. Which of these statements is FALSE?

Options:

A.

Section titles are not sent to the gateway side.

B.

These sections are simple visual divisions of the Rule Base and do not hinder the order of rule enforcement.

C.

A Sectional Title can be used to disable multiple rules by disabling only the sectional title.

D.

Sectional Titles do not need to be created in the SmartConsole.

Question 29

Which is NOT an encryption algorithm that can be used in an IPSEC Security Association (Phase 2)?

Options:

A.

AES-GCM-256

B.

AES-CBC-256

C.

AES-GCM-128

Question 30

A stateful inspection firewall works by registering connection data and compiling this information. Where is the information stored?

Options:

A.

In the system SMEM memory pool.

B.

In State tables.

C.

In the Sessions table.

D.

In a CSV file on the firewall hard drive located in $FWDIR/conf/.

Question 31

Which statement is TRUE of anti-spoofing?

Options:

A.

Anti-spoofing is not needed when IPS software blade is enabled

B.

It is more secure to create anti-spoofing groups manually

C.

It is BEST Practice to have anti-spoofing groups in sync with the routing table

D.

With dynamic routing enabled, anti-spoofing groups are updated automatically whenever there is a routing change

Question 32

When defining group-based access in an LDAP environment with Identity Awareness, what is the BEST object type to represent an LDAP group in a Security Policy?

Options:

A.

Access Role

B.

User Group

C.

SmartDirectory Group

D.

Group Template

Question 33

Which of the following is TRUE regarding Gaia command line?

Options:

A.

Configuration changes should be done in mgmt_di and use CLISH for monitoring. Expert mode is used only for OS level tasks

B.

Configuration changes should be done in mgmt_cli and use expert-mode for OS-level tasks.

C.

Configuration changes should be done in expert-mode and CLISH is used for monitoring

D.

All configuration changes should be made in CLISH and expert-mode should be used for OS-level tasks.

Question 34

Fill in the blank: When a policy package is installed, ________ are also distributed to the target installation Security Gateways.

Options:

A.

User and objects databases

B.

Network databases

C.

SmartConsole databases

D.

User databases

Question 35

To view statistics on detected threats, which Threat Tool would an administrator use?

Options:

A.

Protections

B.

IPS Protections

C.

Profiles

D.

ThreatWiki

Question 36

How many layers make up the TCP/IP model?

Options:

A.

2

B.

7

C.

6

D.

4

Question 37

Name the pre-defined Roles included in Gaia OS.

Options:

A.

AdminRole, and MonitorRole

B.

ReadWriteRole, and ReadyOnly Role

C.

AdminRole, cloningAdminRole, and Monitor Role

D.

AdminRole

Question 38

What is the most recommended installation method for Check Point appliances?

Options:

A.

SmartUpdate installation

B.

DVD media created with Check Point ISOMorphic

C.

USB media created with Check Point ISOMorphic

D.

Cloud based installation

Question 39

Which type of attack can a firewall NOT prevent?

Options:

A.

Network Bandwidth Saturation

B.

Buffer Overflow

C.

SYN Flood

D.

SQL Injection

Question 40

Of all the Check Point components in your network, which one changes most often and should be backed up most frequently?

Options:

A.

SmartManager

B.

SmartConsole

C.

Security Gateway

D.

Security Management Server

Question 41

True or False: The destination server for Security Gateway logs depends on a Security Management Server configuration.

Options:

A.

False, log servers are configured on the Log Server General Properties

B.

True, all Security Gateways will only forward logs with a SmartCenter Server configuration

C.

True, all Security Gateways forward logs automatically to the Security Management Server

D.

False, log servers are enabled on the Security Gateway General Properties

Question 42

Fill in the blanks: There are ________ types of software containers ________.

Options:

A.

Three; security management, Security Gateway, and endpoint security

B.

Three; Security gateway, endpoint security, and gateway management

C.

Two; security management and endpoint security

D.

Two; endpoint security and Security Gateway

Question 43

Which is a suitable command to check whether Drop Templates are activated or not?

Options:

A.

fw ctl get int activate_drop_templates

B.

fwaccel stat

C.

fwaccel stats

D.

fw ctl templates –d

Question 44

When a Security Gateway sends its logs to an IP address other than its own, which deployment option is installed?

Options:

A.

Distributed

B.

Standalone

C.

Bridge Mode

D.

Targeted

Question 45

Fill in the blanks: In _____ NAT, Only the ________ is translated.

Options:

A.

Static; source

B.

Simple; source

C.

Hide; destination

D.

Hide; source

Question 46

You have successfully backed up your Check Point configurations without the OS information. What command would you use to restore this backup?

Options:

A.

restore_backup

B.

import backup

C.

cp_merge

D.

migrate import

Question 47

True or False: In R80, more than one administrator can login to the Security Management Server with write permission at the same time.

Options:

A.

False, this feature has to be enabled in the Global Properties.

B.

True, every administrator works in a session that is independent of the other administrators.

C.

True, every administrator works on a different database that is independent of the other administrators.

D.

False, only one administrator can login with write permission.

Question 48

Which of the following is NOT a valid application navigation tab in the R80 SmartConsole?

Options:

A.

Manage and Command Line

B.

Logs and Monitor

C.

Security Policies

D.

Gateway and Servers

Question 49

What default layers are included when creating a new policy layer?

Options:

A.

Application Control, URL Filtering and Threat Prevention

B.

Access Control, Threat Prevention and HTTPS Inspection

C.

Firewall, Application Control and IPSec VPN

D.

Firewall, Application Control and IPS

Question 50

Which of the following is a valid deployment option?

Options:

A.

CloudSec deployment

B.

Disliked deployment

C.

Router only deployment

D.

Standalone deployment

Question 51

Which two Identity Awareness daemons are used to support identity sharing?

Options:

A.

Policy Activation Point (PAP) and Policy Decision Point (PDP)

B.

Policy Manipulation Point (PMP) and Policy Activation Point (PAP)

C.

Policy Enforcement Point (PEP) and Policy Manipulation Point (PMP)

D.

Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

Question 52

Check Point licenses come in two forms. What are those forms?

Options:

A.

Security Gateway and Security Management.

B.

On-premise and Public Cloud

C.

Central and Local.

D.

Access Control and Threat Prevention.

Question 53

An administrator wishes to use Application objects in a rule in their policy but there are no Application objects listed as options to add when clicking the"+" to add new items to the "Services & Applications" column of a rule. What should be done to fix this?

Options:

A.

The administrator should drag-and-drop the needed Application objects from the Object Explorer into the new rule

B.

The "Application Control" blade should be enabled on a gateway

C.

"Applications & URL Filtering" should first be enabled on the policy layer where the rule is being created.

D.

The administrator should first create some applications to add to the rule.

Question 54

What are the two elements of address translation rules?

Options:

A.

Original packet and translated packet

B.

Manipulated packet and original packet

C.

Translated packet and untranslated packet

D.

Untranslated packet and manipulated packet

Question 55

In what way is Secure Network Distributor (SND) a relevant feature of the Security Gateway?

Options:

A.

SND is a feature to accelerate multiple SSL VPN connections

B.

SND is an alternative to IPSec Main Mode, using only 3 packets

C.

SND is used to distribute packets among Firewall instances

D.

SND is a feature of fw monitor to capture accelerated packets

Question 56

Which software blade does NOT accompany the Threat Prevention policy?

Options:

A.

IPS

B.

Application Control and URL Filtering

C.

Threat Emulation

D.

Anti-virus

Question 57

Fill in the blank: Once a certificate is revoked from the Security GateWay by the Security Management Server, the certificate information is _______.

Options:

A.

Sent to the Internal Certificate Authority.

B.

Sent to the Security Administrator.

C.

Stored on the Security Management Server.

D.

Stored on the Certificate Revocation List.

Question 58

After the initial installation on Check Point appliance, you notice that the Management interface and default gateway are incorrect. Which commands could you use to set the IP to 192.168.80.200/24 and default gateway to 192.168.80.1.

Options:

A.

set interface Mgmt ipv4-address 192.168.80.200 mask-length 24set static-route default nexthop gateway address 192.168.80.1 onsave config

B.

add interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 onsave config

C.

set interface Mgmt ipv4-address 192.168.80.200 255.255.255.0add static-route 0.0.0.0.0.0.0.0 gw 192.168.80.1 onsave config

D.

add interface Mgmt ipv4-address 192.168.80.200 mask-length 24add static-route default nexthop gateway address 192.168.80.1 onsave config

Question 59

Which Threat Prevention Software Blade provides comprehensive protection against malicious and unwanted network traffic, focusing on application and server vulnerabilities?

Options:

A.

IPS

B.

Anti-Virus

C.

Anti-Spam

D.

Anti-bot

Question 60

The CDT utility supports which of the following?

Options:

A.

Major version upgrades to R77.30

B.

Only Jumbo HFA’s and hotfixes

C.

Only major version upgrades to R80.10

D.

All upgrades

Question 61

Gaia includes Check Point Upgrade Service Engine (CPUSE), which can directly receive updates for what components?

Options:

A.

The Security Gateway (SG) and Security Management Server (SMS) software and the CPUSE engine.

B.

Licensed Check Point products for the Gala operating system and the Gaia operating system itself.

C.

The CPUSE engine and the Gaia operating system.

D.

The Gaia operating system only.

Question 62

In HTTPS Inspection policy, what actions are available in the "Actions" column of a rule?

Options:

A.

"Inspect", "Bypass"

B.

"Inspect", "Bypass", "Categorize"

C.

"Inspect", "Bypass", "Block"

D.

"Detect", "Bypass"

Question 63

What key is used to save the current CPView page in a filename format cpview_“cpview process ID”. cap”number of captures”?

Options:

A.

S

B.

W

C.

C

D.

Space bar

Question 64

Which policy type is used to enforce bandwidth and traffic control rules?

Options:

A.

Access Control

B.

Threat Emulation

C.

Threat Prevention

D.

QoS

Question 65

Which SmartConsole tab shows logs and detects security threats, providing a centralized display of potential attack patterns from all network devices?

Options:

A.

Gateway and Servers

B.

Logs and Monitor

C.

Manage Seeting

D.

Security Policies

Question 66

An administrator wishes to enable Identity Awareness on the Check Point firewalls. However they allow users to use company issued or personal laptops. Since the administrator cannot manage the personal laptops, which of the following methods would BEST suit this company?

Options:

A.

AD Query

B.

Browser-Based Authentication

C.

Identity Agents

D.

Terminal Servers Agent

Question 67

The ______ software blade package uses CPU-level and OS-level sandboxing in order to detect and block malware.

Options:

A.

Next Generation Threat Prevention

B.

Next Generation Threat Emulation

C.

Next Generation Threat Extraction

D.

Next Generation Firewall

Question 68

When enabling tracking on a rule, what is the default option?

Options:

A.

Accounting Log

B.

Extended Log

C.

Log

D.

Detailed Log

Question 69

Name the authentication method that requires token authenticator.

Options:

A.

SecureID

B.

Radius

C.

DynamicID

D.

TACACS

Question 70

Can multiple administrators connect to a Security Management Server at the same time?

Options:

A.

No, only one can be connected

B.

Yes, all administrators can modify a network object at the same time

C.

Yes, every administrator has their own username, and works in a session that is independent of other administrators

D.

Yes, but only one has the right to write

Question 71

Which one of the following is a way that the objects can be manipulated using the new API integration in R80 Management?

Options:

A.

Microsoft Publisher

B.

JSON

C.

Microsoft Word

D.

RC4 Encryption

Question 72

Which of the following methods can be used to update the trusted log server regarding the policy and configuration changes performed on the Security Management Server?

Options:

A.

Save Policy

B.

Install Database

C.

Save session

D.

Install Policy

Question 73

How are the backups stored in Check Point appliances?

Options:

A.

Saved as*.tar under /var/log/CPbackup/backups

B.

Saved as*tgz under /var/CPbackup

C.

Saved as*tar under /var/CPbackup

D.

Saved as*tgz under /var/log/CPbackup/backups

Question 74

Which one of the following is TRUE?

Options:

A.

Ordered policy is a sub-policy within another policy

B.

One policy can be either inline or ordered, but not both

C.

Inline layer can be defined as a rule action

D.

Pre-R80 Gateways do not support ordered layers

Question 75

Which of the following situations would not require a new license to be generated and installed?

Options:

A.

The Security Gateway is upgraded.

B.

The existing license expires.

C.

The license is upgraded.

D.

The IP address of the Security Management or Security Gateway has changed.

Question 76

What type of NAT is a one-to-one relationship where each host is translated to a unique address?

Options:

A.

Source

B.

Static

C.

Hide

D.

Destination

Question 77

Fill in the blank: The_____is used to obtain identification and security information about network users.

Options:

A.

User index

B.

UserCheck

C.

User Directory

D.

User server

Question 78

What are the steps to configure the HTTPS Inspection Policy?

Options:

A.

Go to Manage&Settings > Blades > HTTPS Inspection > Configure in SmartDashboard

B.

Go to Application&url filtering blade > Advanced > Https Inspection > Policy

C.

Go to Manage&Settings > Blades > HTTPS Inspection > Policy

D.

Go to Application&url filtering blade > Https Inspection > Policy

Question 79

Which Check Point software blade monitors Check Point devices and provides a picture of network and security performance?

Options:

A.

Application Control

B.

Threat Emulation

C.

Logging and Status

D.

Monitoring

Question 80

What SmartEvent component creates events?

Options:

A.

Consolidation Policy

B.

Correlation Unit

C.

SmartEvent Policy

D.

SmartEvent GUI

Question 81

Which of the following commands is used to monitor cluster members?

Options:

A.

cphaprob state

B.

cphaprob status

C.

cphaprob

D.

cluster state

Question 82

What are the three main components of Check Point security management architecture?

Options:

A.

SmartConsole, Security Management, and Security Gateway

B.

Smart Console, Standalone, and Security Management

C.

SmartConsole, Security policy, and Logs & Monitoring

D.

GUI-Client, Security Management, and Security Gateway

Question 83

What is the main objective when using Application Control?

Options:

A.

To filter out specific content.

B.

To assist the firewall blade with handling traffic.

C.

To see what users are doing.

D.

Ensure security and privacy of information.

Question 84

Which key is created during Phase 2 of a site-to-site VPN?

Options:

A.

Pre-shared secret

B.

Diffie-Hellman Public Key

C.

Symmetrical IPSec key

D.

Diffie-Hellman Private Key

Question 85

What is the RFC number that act as a best practice guide for NAT?

Options:

A.

RFC 1939

B.

RFC 1950

C.

RFC 1918

D.

RFC 793

Question 86

SmartEvent does NOT use which of the following procedures to identity events:

Options:

A.

Matching a log against each event definition

B.

Create an event candidate

C.

Matching a log against local exclusions

D.

Matching a log against global exclusions

Question 87

Fill in the blanks: The _______ collects logs and sends them to the _______.

Options:

A.

Log server; Security Gateway

B.

Log server; security management server

C.

Security management server; Security Gateway

D.

Security Gateways; log server

Question 88

When a gateway requires user information for authentication, what order does it query servers for user information?

Options:

A.

First - Internal user database, then LDAP servers in order of priority, finally the generic external user profile

B.

First the Internal user database, then generic external user profile, finally LDAP servers in order of priority.

C.

First the highest priority LDAP server, then the internal user database, then lower priority LDAP servers, finally the generic external profile

D.

The external generic profile, then the internal user database finally the LDAP servers in order of priority.

Question 89

After a new Log Server is added to the environment and the SIC trust has been established with the SMS what will the gateways do?

Options:

A.

The gateways can only send logs to an SMS and cannot send logs to a Log Server. Log Servers are proprietary log archive servers.

B.

Gateways will send new firewall logs to the new Log Server as soon as the SIC trust is set up between the SMS and the new Log Server.

C.

The firewalls will detect the new Log Server after the next policy install and redirect the new logs to the new Log Server.

D.

Logs are not automatically forwarded to a new Log Server. SmartConsole must be used to manually configure each gateway to send its logs to the server.

Question 90

Choose what BEST describes a Session

Options:

A.

Sessions ends when policy is pushed to the Security Gateway.

B.

Starts when an Administrator logs in through SmartConsole and ends when the Administrator logs out.

C.

Sessions locks the policy package for editing.

D.

Starts when an Administrator publishes all the changes made on SmartConsole

Question 91

Which command shows the installed licenses in Expert mode?

Options:

A.

print cplic

B.

show licenses

C.

fwlic print

D.

cplic print

Question 92

Why is a Central License the preferred and recommended method of licensing?

Options:

A.

Central Licensing is actually not supported with Gaia.

B.

Central Licensing is the only option when deploying Gaia

C.

Central Licensing ties to the IP address of a gateway and can be changed to any gateway if needed.

D.

Central Licensing ties to the IP address of the management server and is not dependent on the IP of any gateway in the event it changes.

Question 93

Fill in the blanks: The Application Layer Firewalls inspect traffic through the ______ layer(s) of the TCP/IP model and up to and including the ______ layer.

Options:

A.

Upper; Application

B.

First two; Internet

C.

Lower; Application

D.

First two; Transport

Question 94

Which of the following is the most secure means of authentication?

Options:

A.

Password

B.

Certificate

C.

Token

D.

Pre-shared secret

Question 95

Which of the following is true about Stateful Inspection?

Options:

A.

Stateful Inspection tracks state using two tables, one for incoming traffic and one for outgoing traffic

B.

Stateful Inspection looks at both the headers of packets, as well as deeply examining their content.

C.

Stateful Inspection requires that a server reply to a request, in order to track a connection's state

D.

Stateful Inspection requires two rules, one for outgoing traffic and one for incoming traffic.

Question 96

In the Check Point three-tiered architecture, which of the following is NOT a function of the Security Management Server?

Options:

A.

Display policies and logs on the administrator's workstation.

B.

Processing and sending alerts such as SNMP traps and email notifications.

C.

Verify and compile Security Policies.

D.

Store firewall logs to hard drive storage.

Question 97

John is the administrator of a R80 Security Management server managing r R77.30 Check Point Security Gateway. John is currently updating the network objects and amending the rules using SmartConsole. To make John’s changes available to other administrators, and to save the database before installing a policy, what must John do?

Options:

A.

Logout of the session

B.

File > Save

C.

Install database

D.

Publish the session

Question 98

R80 is supported by which of the following operating systems:

Options:

A.

Windows only

B.

Gaia only

C.

Gaia, SecurePlatform, and Windows

D.

SecurePlatform only

Question 99

Name the file that is an electronically signed file used by Check Point to translate the features in the license into a code?

Options:

A.

Both License (.lic) and Contract (.xml) files

B.

cp.macro

C.

Contract file (.xml)

D.

license File (.lie)

Question 100

What command from the CLI would be used to view current licensing?

Options:

A.

license view

B.

fw ctl tab -t license -s

C.

show license -s

D.

cplic print

Question 101

How is communication between different Check Point components secured in R80? As with all questions, select the best answer.

Options:

A.

By using IPSEC

B.

By using SIC

C.

By using ICA

D.

By using 3DES

Question 102

Fill in the blank RADIUS Accounting gets_____data from requests generated by the accounting client

Options:

A.

Location

B.

Payload

C.

Destination

D.

Identity

Question 103

To view the policy installation history for each gateway, which tool would an administrator use?

Options:

A.

Revisions

B.

Gateway installations

C.

Installation history

D.

Gateway history

Question 104

AdminA and AdminB are both logged in on SmartConsole What does it mean if AdmmB sees a lock icon on a rule? Choose the BEST answer.

Options:

A.

Rule is locked by AdminA and will be made available if the session is published

B.

Rule is locked by AdminA because the rule is currently being edited

C.

Rule is locked by AdminA and if the session is saved, the rule will be made available

D.

Rule is locked by AdminA because the save button has not been pressed

Question 105

Name one limitation of using Security Zones in the network?

Options:

A.

Security zones will not work in Automatic NAT rules

B.

Security zone will not work in Manual NAT rules

C.

Security zones will not work in firewall policy layer

D.

Security zones cannot be used in network topology

Question 106

Which option, when applied to a rule, allows all encrypted and non-VPN traffic that matches the rule?

Options:

A.

All Site-to-Site VPN Communities

B.

Accept all encrypted traffic

C.

All Connections (Clear or Encrypted)

D.

Specific VPN Communities

Question 107

What two ordered layers make up the Access Control Policy Layer?

Options:

A.

URL Filtering and Network

B.

Network and Threat Prevention

C.

Application Control and URL Filtering

D.

Network and Application Control

Question 108

Which single Security Blade can be turned on to block both malicious files from being downloaded as well as block websites known to host malware?

Options:

A.

Anti-Bot

B.

None - both Anti-Virus and Anti-Bot are required for this

C.

Anti-Virus

D.

None - both URL Filtering and Anti-Virus are required for this.

Question 109

Fill in the blank: The position of an implied rule is manipulated in the __________________ window.

Options:

A.

NAT

B.

Firewall

C.

Global Properties

D.

Object Explorer

Question 110

Which type of Check Point license ties the package license to the IP address of the Security Management Server?

Options:

A.

Central

B.

Corporate

C.

Local

D.

Formal

Question 111

Identify the ports to which the Client Authentication daemon listens on by default?

Options:

A.

259, 900

B.

256, 257

C.

8080, 529

D.

80, 256

Question 112

In order to see real-time and historical graph views of Security Gateway statistics in SmartView Monitor, what feature needs to be enabled on the Security Gateway?

Options:

A.

Logging & Monitoring

B.

None - the data is available by default

C.

Monitoring Blade

D.

SNMP

Question 113

SandBlast offers flexibility in implementation based on their individual business needs. What is an option for deployment of Check Point SandBlast Zero-Day Protection?

Options:

A.

Smart Cloud Services

B.

Load Sharing Mode Services

C.

Threat Agent Solution

D.

Public Cloud Services

Question 114

Which of the following is NOT an option to calculate the traffic direction?

Options:

A.

Incoming

B.

Internal

C.

External

D.

Outgoing

Question 115

What is a reason for manual creation of a NAT rule?

Options:

A.

In R80 all Network Address Translation is done automatically and there is no need for manually defined NAT-rules.

B.

Network Address Translation of RFC1918-compliant networks is needed to access the Internet.

C.

Network Address Translation is desired for some services, but not for others.

D.

The public IP-address is different from the gateway’s external IP

Question 116

What Check Point tool is used to automatically update Check Point products for the Gaia OS?

Options:

A.

Check Point INSPECT Engine

B.

Check Point Upgrade Service Engine

C.

Check Point Update Engine

D.

Check Point Upgrade Installation Service

Question 117

Which Threat Prevention Software Blade provides protection from malicious software that can infect your network computers? (Choose the best answer.)

Options:

A.

IPS

B.

Anti-Virus

C.

Anti-Malware

D.

Content Awareness

Question 118

How Capsule Connect and Capsule Workspace differ?

Options:

A.

Capsule Connect provides a Layer3 VPN. Capsule Workspace provides a Desktop with usable applications

B.

Capsule Workspace can provide access to any application

C.

Capsule Connect provides Business data isolation

D.

Capsule Connect does not require an installed application at client

Question 119

To quickly review when Threat Prevention signatures were last updated, which Threat Tool would an administrator use?

Options:

A.

Protections

B.

IPS Protections

C.

Profiles

D.

ThreatWiki

Question 120

Which Identity Source(s) should be selected in Identity Awareness for when there is a requirement for a higher level of security for sensitive servers?

Options:

A.

AD Query

B.

Terminal Servers Endpoint Identity Agent

C.

Endpoint Identity Agent and Browser-Based Authentication

D.

RADIUS and Account Logon

Page: 1 / 40
Total 400 questions